• 0

Server 2012 File Sharing Restrictions Query

Asked by articuno1au,

 Share

Question

Grand Master

articuno1au

Posted
Posted

Hey Guys,

 

I have a Server 2012 R2 instance that I'm using to share files and manage files (amongst other things). Currently it is NOT on a domain.

 

I have user based restrictions in place for file sharing. In particular I have a RAID 5 array with some 8tb of space mounted. On this drive are 3 public read-only shares for people to pull resources down from. I have myself set up as an Admin on the server so I can edit the files in the shares remotely and have a 4th share that is for my use only.

 

<Directories>

\

- articuno1au (articuno1au has full read write)

- newuser (newuser needs full read write)

- Public 1(public read, articuno1au has full read write)

- Public 2(public read, articuno1au has full read write)

- Public 3(public read, articuno1au has full read write)

</Directories>

 

I'm trying to set up another share for a user who will have read write access to this share. I'm wondering (short of setting up AD) if I can provide the privileges on the box without setting the user up as a local user on the server (i.e. giving them RDP access). Is that even possible?

 

Seems rather a waste to go through setting up AD services for the sake of setting permissions on a file share, but I want the new user to have permissions as above..

 

What thinks?

Link to comment
Share on other sites

5 answers to this question

Recommended Posts

  • 0
Neowinian

pencil_ethics

Posted
Posted

Non-administrator accounts do not have Remote Desktop access by default. If they do, it's because you changed a setting (see Advanced System Settings => Remote tab => Select Users dialog, which alters the members of the Remote Desktop Users security group). Creating the new user as a standard (i.e. limited) user account should be exactly what you need; additionally, if you don't want standard users to log on to the server locally, you should edit the Local Security Policy (secpol.msc) such that the Users security group does not have the Allow log on locally right (Security Settings => Local Policies => User Rights Assignment).

Link to comment
Share on other sites
  • 0
Grand Master

+BudMan MVC

Posted
  • MVC
Posted

Im a bit confused..

 

"can provide the privileges on the box without setting the user up as a local user on the server"

 

No you can not give a user access without a user account..  How would AD fix that?  You would still need an account, just in AD.  Or the account would have to come from another AD that you trust, etc.

 

Why can you not just create a user account on the server for this user to use? 

  • articuno1au
  • Like 1
Link to comment
Share on other sites
  • 0
Grand Master

articuno1au

Posted
  • Author
Posted

I'm trying to avoid them having RDP access to the machine.

I want them to have file access on the share I'm giving them, but not RDP.

Yarp.. >.>

Link to comment
Share on other sites
This topic is now closed to further replies.
 Share
Go to question listing

  • Recently Browsing   0 members

    • No registered users viewing this page.